The conversation-watson plugin before 0.8.21 for WordPress has a DOM-based XSS vulnerability that is executed when a chat message containing JavaScript is sent.
References
Link | Resource |
---|---|
https://wordpress.org/plugins/conversation-watson/#developers | Third Party Advisory |
https://wpvulndb.com/vulnerabilities/10035 | Third Party Advisory |
https://www.hooperlabs.xyz/disclosures/cve-2020-7239.php | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-01-21 05:15
Updated : 2024-02-28 17:28
NVD link : CVE-2020-7239
Mitre link : CVE-2020-7239
CVE.ORG link : CVE-2020-7239
JSON object : View
Products Affected
ibm
- chatbot_with_ibm_watson
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')